I visit this website when I’m sad, contains many magical things that help me to find the solution. Focused on
your problem and find “the magic thing” that will help you to solve it.
It was a really good and fun CTF, challenges were well made, and the organization was really good. Just a few live patching on some challs, but I guess it’s always like that 🙂
Thanks to the organizers who gave us this really good CTF!
As this CTF was a way harder than the Hacking Week, we are not so well ranked, only 73 over 328 (1073 registered), but we are the second French team, behind khack40 (and way before zenk-security and hexpresso 😉 ).
We only solved 7 challenges, and we almost had done 3 more, but as we are a bit lame, we didn’t saw obvious things x)
Obviously, crypto is our main lack, with only zero finished challenge, we really need to skill on that part for the next time!
Stay tuned for the write ups, they’re coming soon (as we don’t have a lot to write :))
The supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
One of the machine’s users had several websites about an incident that involved a showbiz personality. The validation key is FirstnameLastname of this personality.
The supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
The validation keyof the challenge isgiven bythe PID,PPIDand the number ofthreads of theSolitaireprogram.Put itto the format PID:PPID:nThreads.
The supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
When the machine was compromised, the attacker installed a Command & Control software that is currently inactive but must contact a server to receive his orders.
Find the server name and the port on which the malware should connect.
The validation key is servername:portnumber.